本文選題：決策 + 協(xié)同�。� 參考：《電子科技大學(xué)》2014年碩士論文

【摘要】：互聯(lián)網(wǎng)安全從互聯(lián)網(wǎng)的商業(yè)化開始就一直受到嚴(yán)重的威脅,目前國內(nèi)外通常采用安全評估系統(tǒng)來檢測系統(tǒng)的安全性。滲透測試則是最常見也是有效的檢測系統(tǒng)安全性的方法。本文從滲透測試和智能化決策角度出發(fā),設(shè)計(jì)并實(shí)現(xiàn)了基于協(xié)同決策的滲透測試系統(tǒng)。該系統(tǒng)可以有效的調(diào)度最佳的主機(jī)對目標(biāo)系統(tǒng)進(jìn)行自動(dòng)化滲透測試。本文的主要工作內(nèi)容如下:1)針對國內(nèi)外的主要滲透測試技術(shù)和智能決策協(xié)同等進(jìn)行了相應(yīng)研究。2)針對滲透測試設(shè)計(jì)了決策協(xié)同模塊,并對任務(wù)的表述及切分、節(jié)點(diǎn)的選擇、節(jié)點(diǎn)通信與異常處理等核心技術(shù)進(jìn)行了研究與實(shí)現(xiàn)。對多個(gè)節(jié)點(diǎn)共同執(zhí)行復(fù)雜任務(wù)進(jìn)行了有效劃分,使得任務(wù)可以由多節(jié)點(diǎn)協(xié)同完成,提高了工作效率。3)對metasploit進(jìn)行滲透測試進(jìn)行了相關(guān)的研究,特別是nmap的核心功能以及nse腳本引擎。為自動(dòng)化滲透測試提供了技術(shù)路徑。4)編寫bash shell腳本并利用metasploit提供的接口編寫腳本調(diào)用nmap、payloads、exploit等組件完成自動(dòng)化滲透測試。5)針對協(xié)同決策的滲透測試進(jìn)行了實(shí)際網(wǎng)絡(luò)的滲透測試與驗(yàn)證。成功獲取了目標(biāo)系統(tǒng)的sam數(shù)據(jù)庫內(nèi)容。結(jié)果表明:本文研究與實(shí)現(xiàn)的基于協(xié)同自主的滲透測試系統(tǒng)相對于傳統(tǒng)的滲透測試方式而言,具有更高的執(zhí)行效率和更低的成本(主要是人力、時(shí)間、知識學(xué)習(xí)等成本)等特點(diǎn)。
[Abstract]:Internet security has been seriously threatened by the commercialization of the Internet. At present, the security assessment system is usually used to detect the security of the system at home and abroad. Penetration testing is the most common and effective method for detecting system security. This paper, based on the penetration test and intelligent decision making, designs and implements the method. This system can effectively dispatch the best host to the automatic penetration test of the target system. The main contents of this paper are as follows: 1) according to the main osmosis testing technology at home and abroad and intelligent decision coordination, the corresponding.2 is studied.) the decision coordination module is designed for the penetration test. The key technologies such as the representation and segmentation of the task, the selection of nodes, the node communication and the exception handling are studied and implemented. The complex tasks of the nodes are effectively divided, and the tasks can be completed by multi nodes and improved the efficiency of.3). The related research is carried out on the penetration test of Metasploit. Not the core function of nmap and the NSE scripting engine. It provides a technical path for automated penetration testing.4) writing bash shell scripts and using the interface writing script provided by Metasploit to call nmap, payloads, exploit and other components to complete the automated penetration test.5) for the penetration test of collaborative decision making the penetration test of the actual network. The sam database content of the target system is successfully obtained. The results show that the research and implementation of the collaborative autonomous osmosis testing system is more efficient and lower cost (mainly human, time, knowledge learning and other costs) compared with the traditional osmosis testing.
【學(xué)位授予單位】：電子科技大學(xué)
【學(xué)位級別】：碩士
【學(xué)位授予年份】：2014
【分類號】：TP393.08

【參考文獻(xiàn)】

相關(guān)期刊論文 前3條

1 劉承學(xué);申斌;胡娜;;淺析可信計(jì)算技術(shù)及其發(fā)展[J];信息安全與技術(shù);2012年01期

2 吳旭;;計(jì)算機(jī)支持的協(xié)同工作系統(tǒng)技術(shù)探析[J];科技與企業(yè);2012年09期

3 郝高麟;;移動(dòng)通信網(wǎng)絡(luò)干擾問題的分析與快除[J];數(shù)據(jù)通信;2010年04期

相關(guān)碩士學(xué)位論文 前1條

1 林釔霖;基于PKI的身份認(rèn)證系統(tǒng)研究[D];重慶理工大學(xué);2012年

，

本文編號：2049594